Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/L0bhppLWrMSdcNLgGdYJSqSZVkc.roa
File: L0bhppLWrMSdcNLgGdYJSqSZVkc.roa (raw, json)
Hash identifier: reCxur1GjrSqHzTsIc/AouKUuv6D5DZfsF8cL44q+Yc=
Subject key identifier: 2F:46:E1:A6:92:D6:AC:C4:9D:70:D2:E0:19:D6:09:4A:A4:99:56:47
Certificate issuer: /CN=b209721f4548c26cf362e944a81b1acee7b24b53
Certificate serial: 018CC56DF793763AF1470FCA59C4AF2D5774
Authority key identifier: B2:09:72:1F:45:48:C2:6C:F3:62:E9:44:A8:1B:1A:CE:E7:B2:4B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sglyH0VIwmzzYulEqBsazueyS1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/L0bhppLWrMSdcNLgGdYJSqSZVkc.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5585
IP address blocks: 192.114.62.0/23 maxlen: 24
2001:7f8:3b::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f7:93:76:3a:f1:47:0f:ca:59:c4:af:2d:57:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b209721f4548c26cf362e944a81b1acee7b24b53
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f46e1a692d6acc49d70d2e019d6094aa4995647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:43:5d:cf:58:57:5c:d1:3d:c3:ef:15:65:ae:
05:73:84:ce:ee:f3:cc:da:15:dd:91:4b:b5:fb:6c:
1a:0a:9d:ba:dc:2f:0f:14:3b:35:f0:db:ca:fb:02:
b0:f9:26:21:6f:20:61:c4:e0:56:d7:9e:73:ff:97:
28:15:7d:ee:a5:29:13:15:dd:a1:fc:29:4a:d0:00:
a9:0d:01:e1:a1:3d:46:c4:26:18:5b:32:b1:7d:97:
02:81:e9:19:5a:05:d9:33:7c:2e:a4:a8:9f:4c:a1:
d9:66:c5:b7:ef:d6:c1:30:d2:43:e7:50:c9:db:a1:
b5:2d:f0:0d:9b:bb:76:45:63:0f:5c:3b:e1:6e:06:
a8:14:c3:2e:0e:de:1b:2c:16:dc:80:7b:b9:32:d5:
36:4d:82:e7:90:d0:06:0a:ee:d9:23:d3:f6:a4:5e:
99:ef:86:db:d5:ec:99:2b:1e:53:41:23:df:01:c5:
5f:27:c7:81:df:9d:42:6d:a6:be:2c:41:38:24:23:
9e:65:c4:be:0a:a1:05:19:7b:d9:3d:cf:87:51:e1:
77:1d:7f:28:c4:60:1e:8f:46:5c:01:07:72:d1:70:
64:2b:36:be:6e:26:3c:e0:c8:1d:29:cc:8b:7e:b6:
df:cb:cb:aa:0d:69:ec:64:4b:2c:68:0b:eb:13:4a:
99:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:46:E1:A6:92:D6:AC:C4:9D:70:D2:E0:19:D6:09:4A:A4:99:56:47
X509v3 Authority Key Identifier:
keyid:B2:09:72:1F:45:48:C2:6C:F3:62:E9:44:A8:1B:1A:CE:E7:B2:4B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sglyH0VIwmzzYulEqBsazueyS1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/L0bhppLWrMSdcNLgGdYJSqSZVkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/sglyH0VIwmzzYulEqBsazueyS1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.114.62.0/23
IPv6:
2001:7f8:3b::/48
Signature Algorithm: sha256WithRSAEncryption
1e:fd:83:e9:13:77:c4:68:fb:aa:5c:4b:c0:37:0c:22:4e:71:
82:72:69:c8:ea:0f:28:46:83:7d:61:74:37:d2:f4:67:2c:23:
c2:72:92:e9:f4:34:99:56:a6:94:09:d6:f9:9f:e3:ec:86:08:
ff:45:3d:65:56:e2:72:76:ec:90:9a:07:63:c2:a2:92:28:cd:
b6:bc:5b:2b:6b:ae:05:57:b5:43:0f:1f:50:d7:b3:c0:b1:d9:
bb:ee:9b:57:db:4d:75:30:52:6c:f2:80:a2:74:2c:f5:fd:ac:
0c:7b:dd:3a:7f:b5:be:d6:18:5d:7d:48:37:8d:83:5d:29:6e:
e0:c4:5a:46:68:47:c5:62:9e:5c:6a:e0:c6:8b:96:5a:73:19:
e4:5e:22:04:7b:3b:b3:7f:88:70:b5:04:93:ba:35:aa:81:9e:
e8:07:70:10:b2:4a:42:9f:4f:91:bc:3a:47:e2:af:ad:cb:60:
7f:a4:ef:e3:f5:7e:99:3b:3d:99:41:81:d5:aa:6d:bb:d2:03:
e0:84:7f:e6:4f:4d:d9:f1:aa:69:74:d4:23:51:58:fb:d7:d9:
dc:5c:27:8d:8f:9d:ad:28:b9:80:fa:c6:60:cf:dd:51:83:2d:
3d:19:78:c4:a4:72:9f:39:d4:95:3d:de:3d:92:c5:e4:7b:00:
87:0d:9a:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbfeTdjrxRw/KWcSvLVd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDk3MjFmNDU0OGMyNmNmMzYyZTk0NGE4MWIxYWNlZTdi
MjRiNTMwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjQ2ZTFhNjkyZDZhY2M0OWQ3MGQyZTAxOWQ2MDk0YWE0OTk1NjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0Ndz1hXXNE9w+8VZa4Fc4TO7vPM
2hXdkUu1+2waCp263C8PFDs18NvK+wKw+SYhbyBhxOBW155z/5coFX3upSkTFd2h
/ClK0ACpDQHhoT1GxCYYWzKxfZcCgekZWgXZM3wupKifTKHZZsW379bBMNJD51DJ
26G1LfANm7t2RWMPXDvhbgaoFMMuDt4bLBbcgHu5MtU2TYLnkNAGCu7ZI9P2pF6Z
74bb1eyZKx5TQSPfAcVfJ8eB351Cbaa+LEE4JCOeZcS+CqEFGXvZPc+HUeF3HX8o
xGAej0ZcAQdy0XBkKza+biY84MgdKcyLfrbfy8uqDWnsZEssaAvrE0qZOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC9G4aaS1qzEnXDS4BnWCUqkmVZHMB8GA1UdIwQY
MBaAFLIJch9FSMJs82LpRKgbGs7nsktTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2dseUgwVkl3bXp6WXVsRXFCc2F6dWV5UzFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9hNjc0MzItYzA2Ny00Y2RiLWI1YWQt
ZGJhNWMxODM0NjAxLzEvTDBiaHBwTFdyTVNkY05MZ0dkWUpTcVNaVmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9hNjc0MzItYzA2Ny00Y2RiLWI1YWQtZGJhNWMxODM0NjAx
LzEvc2dseUgwVkl3bXp6WXVsRXFCc2F6dWV5UzFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwHI+MA8E
AgACMAkDBwAgAQf4ADswDQYJKoZIhvcNAQELBQADggEBAB79g+kTd8Ro+6pcS8A3
DCJOcYJyacjqDyhGg31hdDfS9GcsI8Jykun0NJlWppQJ1vmf4+yGCP9FPWVW4nJ2
7JCaB2PCopIozba8WytrrgVXtUMPH1DXs8Cx2bvum1fbTXUwUmzygKJ0LPX9rAx7
3Tp/tb7WGF19SDeNg10pbuDEWkZoR8Vinlxq4MaLllpzGeReIgR7O7N/iHC1BJO6
NaqBnugHcBCySkKfT5G8Okfir63LYH+k7+P1fpk7PZlBgdWqbbvSA+CEf+ZPTdnx
qml01CNRWPvX2dxcJ42Pna0ouYD6xmDP3VGDLT0ZeMSkcp851JU93j2SxeR7AIcN
mtE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:27 2025 by rpki-client